Hi Brooks,
Do you just mean mutual auth between the client and apiman gateway?
https://docs.jboss.org/author/display/WFLY8/Detailed+Configuration
Or perhaps also mutual auth between the gateway and the backend?
http://www.apiman.io/blog/gateway/security/mutual-auth/ssl/mtls/2015/06/1...
We don't currently support routing requests based upon the certificate (in lieu of an
api key, for instance)
Regards,
Marc
On 24/08/2015 22:35, Brooks Isoldi wrote:
Hi all,
Does APIMan have the ability to validate inbound HTTPS requests
with custom signed certificates to consume a service via a PKI service?
So...a network where all internal traffic is encrypted with SSL,
signed via an internal PKI service. The request to APIMan to consume
the service would be via HTTPS and I am hoping APIMan can:
- Validate the request based on the certificate and PKI service
- Validate the request based on the rate limiting rules
- Consume the service or reject the request accordingly
Thanks!
--
Brooks Isoldi, Software Developer
Traversed
7164 Columbia Gateway Drive, Suite 120A
Columbia, MD 21046
_______________________________________________
Apiman-user mailing list
Apiman-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/apiman-user